Fix Defined Firewall

Unidirectional Network Connection with the Fix Defined Firewall by Wiesemann & Theis

The Fix Defined Firewall by Wiesemann & Theis is a specialized solution for the secure, unidirectional connection of computers to networks with high security requirements. As a network one-way street, it enables transparent data flow in one direction while completely blocking the opposite direction. Without a configuration interface, its own network services, or an Ethernet address, it offers a retroactive-free network connection, making it especially suitable for applications in telemetry, data stream analysis, and Industry 4.0. With its fixed configuration and plug&play commissioning, the Fix Defined Firewall is the ideal choice for security-critical environments where tampering must be excluded. This article highlights the technical features, applications, and benefits of this unique solution.

Network One-Way Street for Maximum Security

The Fix Defined Firewall is a fixed-configured firewall designed exclusively for unidirectional data flow. Incoming data packets are transparently forwarded from the input to the output, while data traffic in the opposite direction – from the reading computer or the firewall itself – is completely blocked. This preconfiguration is immutable and ensures a retroactive-free network connection, where no data can flow back into the secure network. The firewall does not have a configuration interface, no network services, and no Ethernet address, which minimizes the attack surface to an absolute minimum. These features make the Fix Defined Firewall ideal for applications where sensitive networks need to be protected from any access, such as in telemetry or data stream analysis.

Plug&Play Commissioning for Easy Integration

The commissioning of the Fix Defined Firewall is a true plug&play experience. In environments with Power-over-Ethernet (PoE), simply connecting the network cables is enough to make the device operational. Without PoE, only an external power supply (24V-48V DC) is required via a screw terminal. Since the firewall does not have a configuration interface, no settings or adjustments are necessary. This minimizes integration effort, making the Fix Defined Firewall particularly suitable for security-critical applications that require fast and uncomplicated installations. The fixed configuration also eliminates the risk of misconfigurations, further supporting secure communication in sensitive networks.

Robust Firmware Without External Dependencies

The firmware of the Fix Defined Firewall is specifically designed for its clearly defined functionality and does not use a classic operating system. It contains no open-source or third-party components, which increases the security and reliability of the device. By avoiding complex software components and network services, the risk of security vulnerabilities or attack points is minimized. This minimalist architecture makes the Fix Defined Firewall a robust solution for environments where absolute security and stability are paramount, such as in network control or connecting analysis devices to production networks.

High-Performance Network Connection

The Fix Defined Firewall features two Ethernet interfaces (100BaseT) with autosensing and Auto-MDIX, enabling reliable and transparent data transmission. The interfaces are optimized for unidirectional data flow, with incoming data packets being forwarded to the reading host without delay. The powerful hardware platform ensures low latency, which is crucial for time-sensitive applications in industry. Since the firewall does not have its own Ethernet address, it remains invisible in the network, further increasing security. These features make the Fix Defined Firewall ideal for applications where a retroactive-free network connection is required without compromising performance.

Comparison with Other Microwall Products

In contrast to other products such as the Microwall VPN or Microwall IO, which function as routers and connect two different IP networks, the Fix Defined Firewall is designed exclusively for unidirectional data transmission. While the Microwall VPN and Microwall IO offer features such as VPN or digital I/O ports, the Fix Defined Firewall is designed for maximum simplicity and security. It is especially suited for scenarios where bidirectional communication is not required, such as connecting telemetry devices or analysis platforms to a secure network. For applications that require configurable firewall rules or bidirectional communication, the Microwall Bridge, VPN, or IO are better suited.

Versatile Applications

The Fix Defined Firewall is specifically designed for applications where a retroactive-free network connection to a network with high security requirements is necessary. In telemetry, it enables the secure transmission of sensor data to analysis devices, without data being able to flow back into the production network. In data stream analysis, it protects analysis platforms from unauthorized access by only allowing incoming data. In Industry 4.0, it provides an easy solution to secure monitoring or logging systems that need to receive data from a sensitive network without compromising its security. Other applications include securing IoT devices, monitoring production networks, and logging network data in security-critical environments.

Flexible Power Supply and Compliance with Standards

The power supply of the Fix Defined Firewall is either provided via Power-over-Ethernet (PoE) with phantom power over data pairs or via unused wire pairs, or through an external supply (24V-48V DC) via a screw terminal. This flexibility simplifies installation in various environments, from offices to industrial facilities. The device complies with standards and offers high immunity to disturbances according to EN 61000-6-2, as well as low emission levels according to EN 55032:2015 + A1 Class B, EN 61000-3-2, and EN 61000-3-3. These features ensure reliable and interference-free operation, even in demanding industrial environments.

Please note: No power supply unit is included in the delivery.

Durability and Reliability

The Fix Defined Firewall is designed for continuous operation and comes with a five-year warranty. The robust construction and the ability to be mounted on a DIN rail make it ideal for use in industrial environments. By omitting a classic operating system and external software components, the firewall is particularly resistant to attacks and failures. The minimalist architecture and fixed configuration ensure high reliability, even with long-term use in security-critical scenarios.

A Future-Proof Solution for Unidirectional Network Connections

The Fix Defined Firewall by Wiesemann & Theis is a highly reliable and secure solution for retroactive-free network connections in security-critical environments. With its fixed configuration, unidirectional data transmission, absence of configuration interfaces, and plug&play commissioning, it offers a unique platform for telemetry, data stream analysis, and Industry 4.0. The minimalist firmware without external dependencies and the robust hardware make it ideal for applications where absolute security and simplicity are of utmost priority. Whether for securing IoT devices, monitoring production networks, or securely transmitting data to analysis devices – the Fix Defined Firewall is an indispensable tool for professional users.